Vulnerabilities > Expresstech > Responsive Menu > 2.8.9
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-18 | CVE-2022-25602 | Unrestricted Upload of File with Dangerous Type vulnerability in Expresstech Responsive Menu Nonce token leak vulnerability leading to arbitrary file upload, theme deletion, plugin settings change discovered in Responsive Menu WordPress plugin (versions <= 4.1.7). | 6.5 |
| 2019-08-14 | CVE-2017-18513 | Cross-Site Request Forgery (CSRF) vulnerability in Expresstech Responsive Menu The responsive-menu plugin before 3.1.4 for WordPress has no CSRF protection mechanism for the admin interface. | 6.8 |